    [PATCH] procfs bug exposed by cdev changes · cb13b158
    Alexander Viro authored
    	fs/inode.c assumes that any ->delete_inode() will call clear_inode().
    procfs instance doesn't.  It had passed unpunished for a while; cdev changes
    combined with ALSA creating character devices in procfs made it fatal.
    
    	Patch follows.  It had fixed ALSA-triggered memory corruption here -
    what happens in vanilla 2.5.70 is that clear_inode() is not called when
    procfs character device inodes are freed.  That leaves a freed inode on
    a cyclic list, with obvious unpleasantness following when we try to traverse
    it (e.g. when unregistering a device).
inode.c 5.21 KB
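
A userspace model of the invariant the commit message describes, added here as an illustration; it is not the kernel's code or the patch itself. The names model_inode, devices, model_evict, stale_entries and run_model are assumptions, and the free is simulated with a flag so the dangling list entry can be counted safely.

```c
/* Userspace model, constructed for illustration; not kernel code. */
#include <stddef.h>
struct list_head { struct list_head *next, *prev; };
static void list_init(struct list_head *h) { h->next = h->prev = h; }
static void list_add(struct list_head *n, struct list_head *h) {
    n->next = h->next; n->prev = h; h->next->prev = n; h->next = n;
}
static void list_del_init(struct list_head *n) {
    n->prev->next = n->next; n->next->prev = n->prev; list_init(n);
}
struct model_inode {
    struct list_head devices;   /* link on the device's cyclic list */
    int freed;                  /* stands in for the real free */
    void (*delete_inode)(struct model_inode *);
};

/* Model of clear_inode(): take the inode off the device's list. */
static void model_clear_inode(struct model_inode *i) { list_del_init(&i->devices); }
/* Hook that never reaches clear_inode() (the procfs case described). */
static void delete_buggy(struct model_inode *i) { (void)i; }
/* Hook whose teardown ends with clear_inode(). */
static void delete_fixed(struct model_inode *i) { model_clear_inode(i); }

/* Final-iput model: a provided hook is trusted to clear the inode. */
static void model_evict(struct model_inode *i) {
    if (i->delete_inode) i->delete_inode(i);
    else model_clear_inode(i);
    i->freed = 1;
}

/* Walk the list as a device unregister would; count freed inodes reached. */
static int stale_entries(struct list_head *dev) {
    int n = 0;
    for (struct list_head *p = dev->next; p != dev; p = p->next) {
        struct model_inode *i = (struct model_inode *)
            ((char *)p - offsetof(struct model_inode, devices));
        n += i->freed;
    }
    return n;
}

/* Evict one of two inodes on a device list; return dangling entry count. */
static int run_model(void (*hook)(struct model_inode *)) {
    struct list_head dev; struct model_inode a = {0}, b = {0};
    list_init(&dev);
    a.delete_inode = hook; b.delete_inode = hook;
    list_add(&a.devices, &dev); list_add(&b.devices, &dev);
    model_evict(&a);
    return stale_entries(&dev);
}
```

With the hook that skips clear_inode() the traversal still reaches the freed inode; with the fixed hook, or with no hook at all, the list holds only live entries.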